Configuring Cisco VTP

VLAN Trunking Protocol, known as VTP, is used to share VLAN information from a server switch to multiple client switches. This makes VLAN management easier across multiple switches. This lab will discuss and demonstrate the configuration and verification of VTP.

Real World Application & Core Knowledge

Traditionally, one of the biggest hurdles with maintaining VLANs across multiple switches is that you'd have to add, remove and manage VLANs on each switch independently. VLAN Trunking Protocol, also known as VTP, is a technology that allows for the propagation of VLANs from a single switch to multiple switches in a server-client fashion. In this lab you'll dive into configuring VTP Server and VTP Client mode to propagate VLANs from a single switch to multiple switches.

In the world of VTP, the VTP Server is the centralized point of management in the network for VLAN propagation. Whenever you create a new VLAN on the VTP Server, this VLAN will automatically be propagated to the switches in the same VTP Domain. Think of a VTP Domain as a single autonomous system, or a single collection of switches that share the same VLANs. For example, say you have a large campus building in a university network. This building in the three-tier design model will have an access and distribution core. The VTP Server in this design would be the distribution switch. In most cases, the VTP Server would be a chassis switch or a switch stack to provide redundancy to access switches.

Creating a VLAN on the distribution switch makes it available on all access switches, so access switches on different floors of the building can reach each other on the same VLAN. This eliminates the need to create the VLAN on three separate switches: the distribution switch and both access switches in the given example.

In large enterprise networks VTPv2 can be used in the campus core, but VTPv2 can only propagate up to 1005 VLANs. Once you hit the VTP VLAN ceiling you'd be required to migrate to VTP Version 3 to allow for the propagation of 4095 VLANs.

There are currently three VTP versions. VTP Version 3, which is quite new, provides major advantages over versions one and two.

VTP Version 1 was the initial release of this technology. It gives you the ability to configure the switch as a VTP Server, VTP Client or VTP Transparent Switch (will be discussed in Lab 4-11) and, on CatOS switches, VTP Mode OFF, which completely disables VTP.

VTP Version 2 is not too much different from v1; however, VTPv2 adds support for Token Ring VLANs and VTP Pruning. If neither of these features is required in a network, then there is no need to upgrade from version one to version two.

VTP Version 3, on the other hand, has significant advantages over its predecessors. Two of the most beneficial features for modern networks are that VTP v3 supports the entire IEEE VLAN range 1-4095 and that it can propagate Private VLAN information. VTP v3 also gives better administrative control over the VTP domain by allowing you to configure which devices can update other devices' view of the VLAN topology. You now have the option to turn VTP on or off on a per-trunk basis, and there is now a primary and a backup VTP server.

Now take a step back for a second and ask yourself what happens if someone else plugs a switch into the network with the same VTP domain, a higher revision of the database and completely different VLAN information. The answer is quite simple: your network goes into the bit bucket as the VLANs on all switches change, some get removed, new ones get added and so on. When a VLAN is removed on a switch and ports are in that specific VLAN, those ports get shut down. All in all, if this happens on your watch and it's your fault, you'd better update your resume.

But don't worry, there is hope! With a VTP password, you can prevent unwanted VTP server switches in the network. When a VTP password is used, a switch can only be a client of a VTP Server if the passwords match.
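The pre-connection check implied by the two paragraphs above, as an added example (not part of the original lab): it parses `show vtp status` output from the production VTP server and from a switch about to be trunked in, and reports whether the newcomer would replace the VLAN database. The sample output is constructed, and the function names and password parameters are hypothetical.

```python
# Constructed 'show vtp status' excerpts (sample values, not captured from real devices).
PRODUCTION = """\
VTP Version                     : 2
Configuration Revision          : 4
VTP Operating Mode              : Server
VTP Domain Name                 : CISCO
"""
CANDIDATE = """\
VTP Version                     : 2
Configuration Revision          : 37
VTP Operating Mode              : Client
VTP Domain Name                 : CISCO
"""


def parse_vtp_status(text):
    """Map each 'Label : value' line of 'show vtp status' to a dict entry."""
    fields = {}
    for line in text.splitlines():
        label, sep, value = line.partition(":")
        if sep:
            fields[label.strip()] = value.strip()
    return fields


def overwrite_risk(production, candidate, prod_password="", cand_password=""):
    """Return findings for a switch that is about to be trunked into production.

    Passwords are supplied by the operator (hypothetical parameters); they do
    not appear in 'show vtp status'. An empty string means no password is set.
    """
    prod, cand = parse_vtp_status(production), parse_vtp_status(candidate)
    findings = []
    if not prod_password:
        findings.append("NO_PASSWORD: production VTP domain has no password")
    same_domain = prod["VTP Domain Name"] == cand["VTP Domain Name"]  # case-sensitive
    newer = int(cand["Configuration Revision"]) > int(prod["Configuration Revision"])
    if same_domain and newer and prod_password == cand_password:
        findings.append(
            "OVERWRITE: candidate revision %s beats production revision %s in domain %s"
            % (cand["Configuration Revision"], prod["Configuration Revision"],
               prod["VTP Domain Name"]))
    return findings


if __name__ == "__main__":
    for finding in overwrite_risk(PRODUCTION, CANDIDATE):
        print(finding)
```

An empty result means the candidate cannot push its database into the domain as described above; an OVERWRITE finding means the switch should not be connected until its revision number no longer exceeds the production one.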

VTP Domains can be unique to a location, but there is one domain name that is special: NULL. This domain name is basically no domain name; it is blank and is represented as the domain name NULL. However, once it is changed you cannot change it back to NULL.

In this lab you will familiarize yourself with the following commands:

| Command | Description |
| --- | --- |
| vtp mode server | This command is executed in global configuration mode and sets the switch as a VTP Server. This is the default VTP mode for a new switch with the VTP domain set to NULL. |
| vtp mode client | This command is executed in global configuration mode and sets the switch as a VTP client, which learns its VLAN information from the VTP Server in its specified VTP Domain. |
| vtp domain domainname | This command is executed in global configuration mode and sets the VTP domain of a device. |
| vtp version i | This command is executed in global configuration mode and sets the VTP Version of the device. |
| vtp password password | This command is executed in global configuration mode and sets the VTP password to prevent unauthorized VTP Servers and/or Clients in a particular VTP Domain. |
| show vtp password | This command can only be executed in privileged mode and displays the current VTP Password. |
| show vtp status | This command can be executed from user or privileged mode to view the current VTP configuration such as VTP mode, Domain, Version, Pruning and more. |

The Free CCNA Workbook CCNA GNS3 topology uses the NM-16ESW in a Cisco 3640 series switch. On that platform, the commands listed above must be executed in VLAN database configuration mode and will vary slightly. Be sure to use the context-sensitive help.

Lab Prerequisites

If you are using GNS3, then load the Free CCNA Workbook GNS3 topology, then start devices SW1, SW2 and SW3.

Establish a console session with devices SW1, SW2 and SW3, then configure the devices' respective hostnames.

Shut down interfaces Fa0/13, Fa0/14 and Fa0/15 on SW2 and SW3.

Configure interfaces Fa0/10, Fa0/11 and Fa0/12 on both SW1 and SW2 in an EtherChannel. Use channel-group number 1 and configure the channel group to trunk.

Configure interfaces Fa0/13, Fa0/14 and Fa0/15 on SW1 and interfaces Fa0/10, Fa0/11 and Fa0/12 on SW3 in an EtherChannel. Use channel-group number 2 and configure the channel group to trunk.

Lab Objectives

Configure SW1 as the VTP Server and configure SW2 and SW3 as VTP Clients. Set the VTP Domain name to CISCO on all three switches.

Configure VLAN 10 with the name Development on the VTP Server and verify that it propagates to SW2 and SW3 properly.

Set the VTP Version to v2 and secure the VTP Domain by using the password Cisco$123. Verify your configuration.

The instructional section of this lab is demonstrated using three Cisco Catalyst 3560 Series switches.

Lab Instruction

Step 1. – Configure SW1 as the VTP Server and configure SW2 and SW3 as VTP Clients. Set the VTP Domain name to CISCO on all three switches.

Configuring the VTP mode and VTP domain is done with the vtp mode modetype and vtp domain domainname commands, as shown below. Keep in mind that when you are setting the VTP domain on a client switch, it must be set prior to the VTP mode. If you need to change the VTP domain, you must set the switch to transparent, change the name and/or password, then set the switch back to VTP mode client.